From 3a60d6fa2f8a908d972f8787dc137acb7b8b26e3 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 19 Aug 2016 16:12:31 +0100 Subject: [PATCH] Avoid duplicated code. The certificate and CRL time setting functions used similar code, combine into a single utility function. Reviewed-by: Rich Salz --- crypto/include/internal/x509_int.h | 1 + crypto/x509/x509_set.c | 32 ++++++++++++------------------ crypto/x509/x509cset.c | 28 ++++---------------------- 3 files changed, 18 insertions(+), 43 deletions(-) diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 3d0b0bde03..2845026dd8 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -264,3 +264,4 @@ struct x509_object_st { }; int a2i_ipadd(unsigned char *ipout, const char *ipasc); +int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm); diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c index dfcecb15c2..3cebf6ef3b 100644 --- a/crypto/x509/x509_set.c +++ b/crypto/x509/x509_set.c @@ -57,38 +57,32 @@ int X509_set_subject_name(X509 *x, X509_NAME *name) return (X509_NAME_set(&x->cert_info.subject, name)); } -int X509_set_notBefore(X509 *x, const ASN1_TIME *tm) +int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm) { ASN1_TIME *in; - - if (x == NULL) - return (0); - in = x->cert_info.validity.notBefore; + in = *ptm; if (in != tm) { in = ASN1_STRING_dup(tm); if (in != NULL) { - ASN1_TIME_free(x->cert_info.validity.notBefore); - x->cert_info.validity.notBefore = in; + ASN1_TIME_free(*ptm); + *ptm = in; } } return (in != NULL); } -int X509_set_notAfter(X509 *x, const ASN1_TIME *tm) +int X509_set_notBefore(X509 *x, const ASN1_TIME *tm) { - ASN1_TIME *in; + if (x == NULL) + return 0; + return x509_set1_time(&x->cert_info.validity.notBefore, tm); +} +int X509_set_notAfter(X509 *x, const ASN1_TIME *tm) +{ if (x == NULL) - return (0); - in = x->cert_info.validity.notAfter; - if (in != tm) { - in = ASN1_STRING_dup(tm); - if (in != NULL) { - ASN1_TIME_free(x->cert_info.validity.notAfter); - x->cert_info.validity.notAfter = in; - } - } - return (in != NULL); + return 0; + return x509_set1_time(&x->cert_info.validity.notAfter, tm); } int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c index fedb2c58e6..681c43812a 100644 --- a/crypto/x509/x509cset.c +++ b/crypto/x509/x509cset.c @@ -35,36 +35,16 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name) int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm) { - ASN1_TIME *in; - if (x == NULL) - return (0); - in = x->crl.lastUpdate; - if (in != tm) { - in = ASN1_STRING_dup(tm); - if (in != NULL) { - ASN1_TIME_free(x->crl.lastUpdate); - x->crl.lastUpdate = in; - } - } - return (in != NULL); + return 0; + return x509_set1_time(&x->crl.lastUpdate, tm); } int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) { - ASN1_TIME *in; - if (x == NULL) - return (0); - in = x->crl.nextUpdate; - if (in != tm) { - in = ASN1_STRING_dup(tm); - if (in != NULL) { - ASN1_TIME_free(x->crl.nextUpdate); - x->crl.nextUpdate = in; - } - } - return (in != NULL); + return 0; + return x509_set1_time(&x->crl.nextUpdate, tm); } int X509_CRL_sort(X509_CRL *c) -- 2.25.1